package com.csms.security.filter;

import com.alibaba.fastjson.JSONObject;
import com.csms.entity.StoreUser;
import com.csms.security.CusAuthenticationManager;
import com.csms.security.MyAuthenticationToken;
import com.csms.security.handler.UserLoginFailureHandler;
import com.csms.security.handler.UserLoginSuccessHandler;
import com.csms.utils.MultiReadHttpServletRequest;


import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

/**
 * <p> 自定义用户密码校验过滤器 </p>
 *
 * @author : zhengqing
 * @description :
 * @date : 2019/10/12 15:32
 */
@Slf4j
@Component
public class CsmsAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {

    /**
     * @param authenticationManager:             认证管理器
     * @param adminAuthenticationSuccessHandler: 认证成功处理
     * @param adminAuthenticationFailureHandler: 认证失败处理
     */
    public CsmsAuthenticationProcessingFilter(
            CusAuthenticationManager authenticationManager,
            UserLoginSuccessHandler adminAuthenticationSuccessHandler,
            UserLoginFailureHandler adminAuthenticationFailureHandler) {
        super(new AntPathRequestMatcher("/user/login", "POST"));
        this.setAuthenticationManager(authenticationManager);
        this.setAuthenticationSuccessHandler(adminAuthenticationSuccessHandler);
        this.setAuthenticationFailureHandler(adminAuthenticationFailureHandler);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        if (request.getContentType() == null || !request.getContentType().contains("application/json")) {
            throw new AuthenticationServiceException("请求头类型不支持: " + request.getContentType());
        }

        MyAuthenticationToken authRequest;
        try {

            MultiReadHttpServletRequest wrappedRequest = new MultiReadHttpServletRequest(request);
            // 将前端传递的数据转换成jsonBean数据格式
            //StoreUser user = JSONObject.parseObject(wrappedRequest.getBodyJsonStrByJson(wrappedRequest), StoreUser.class);
            String username = request.getParameter("username");
            String password = request.getParameter("password");
//            long tenantId=user.getTenantId();
            Map<String, Object> map = new HashMap<>();
            map.put("tenantId",1);
//            authRequest = new MyAuthenticationToken(user.getUsername(), user.getPassword(), null,map);
            authRequest = new MyAuthenticationToken(username, password, null, map);
            authRequest.setDetails(authenticationDetailsSource.buildDetails(wrappedRequest));
        } catch (Exception e) {
            throw new AuthenticationServiceException(e.getMessage());
        }
        Authentication ac = this.getAuthenticationManager().authenticate(authRequest);
        return ac;
    }

}